Cisco Cisco Web Security Appliance S690 User Guide

Better performance and interopera-
bility when compared to NTLM

Works with both Windows and 
non-Windows clients that have 
joined the domain

Supported by all browsers and most 
other applications

RFC-based

Minimal overhead

Works for HTTPS 
(CONNECT) requests

Because the passphrase is not 
transmitted to the authentication 
server, it is more secure

Connection is authenticated, not the 
host or IP address

Achieves true single sign-on in an 
Active Directory environment 
when the client applications are 
configured to trust the Web 
Security appliance

Better performance and interopera-
bility when compared to NTLM

Works with both Windows and 
non-Windows clients that have 
joined the domain

Works with all major browsers

With user agents that do not 
support authentication, users 
only need to authenticate first in 
a supported browser

Relatively low overhead

Works for HTTPS requests if the 
user has previously authenticated 
with an HTTP request

Advantages:

Better performance and interopera-
bility when compared to NTLM

Works with both Windows and 
non-Windows clients that have 
joined the domain

Works with all major browsers

Authentication is associated 
with the user rather than the host 
or IP address

Disadvantages:

Each new web domain requires 
the entire authentication process 
because cookies are domain specific

Requires cookies to be enabled

Does not work for HTTPS requests